"Paul R. Ramer" <free10...@gmail.com> wrote:
> On 11/05/2013 09:26 AM, Leo Gaspard wrote:
> > However, I think in this case (assuming there are no more UID on key 2 than on
> > key 1), assertions are sufficient, *because* there are two assertions, one in
> > both ways.
> >
> > I mean :
> > * Owner of Key 1 says (s)he is owner of Key 2 (through signed message saying
> >   you so)
> > * Owner of Key 2 says (s)he is owner of Key 1 (through signed UID on Key 2)
> >
> > So, except in case of collusion between owners of Keys 1 and 2, I believe there
> > is no way one can be wrong in signing Key 2 (of course, if Key 1 is signed).
>
> There could be collusion with only one key. Verification of the key
> details cannot address this.
>
> > IIUC, your point is that verification would enable one to avoid collusion, as it
> > is the only flaw I can see in this verification scheme.
> > Except collusion can not be avoided in any way, AFAIK.
>
> No. Avoiding collusion is impossible here. It just comes down to you
> vouching through your signature on the second key that you have
> *verified* it. Nothing more, nothing less. If you didn't follow all of
> the steps to verify it, why would you sign it with an exportable
> signature?

You verify the key(s) by inspecting them and drawing conclusions. You
have a mathematical proof in front of your eyes. If "verification" is
not gathering evidence (for building certainty, or strong belief), then
what is it?

Stan Tobias